<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require_once 'common/conn.php';
require_once 'common/common.php';

$result = "";

if (isset($_POST['usercode']) && isset($_POST['newpassword']) && isset($_POST['newpassword2'])) {
    $usercode = $_POST['usercode'];
    $db = new DBC();
    $sql = "SELECT * FROM t_device WHERE devicecode = '" . $usercode . "'";
    $users = $db->fetchData($sql);
    if (checkArrayNotEmpty($users)) {
        $user = $users[0];
        if ($user['passwordFlag'] == 1) {
            $result = "重置密码申请已过期，请重新申请";
        } else {
            $yesterday = strtotime("-1 day");
            $passwordTime = strtotime($user['passwordTime']);

            $password = $_POST['newpassword'];
            $password2 = $_POST['newpassword2'];

            if ($user['passwordTime'] == "") {
                $result = "未申请重置密码";
            } else if ($yesterday > $passwordTime) {
                $result = "申请设置密码已经超过24小时，请重新申请";
            } else if (strlen($password) == 0) {
                $result = "请输入新密码";
            } else if (strlen($password2) == 0) {
                $result = "请确认新密码";
            } else if ($password != $password2) {
                $result = "两次输入的密码不一致";
            } else {
                $sql = "UPDATE t_device SET password = '" . $password . "',passwordFlag = 1 WHERE devicecode = '" . $usercode . "'";
                if ($db->execute($sql)) {
                    $result = "修改密码成功";
                } else {
                    $result = "修改密码失败，请重试";
                }
            }
        }
    } else {
        $result = "找不到相应的用户";
    }
} else {
    $result = "用户UID不正确";
}
echo "<script language='javascript'>alert('" . $result . "'); </script>";
echo "<script language='javascript'>history.back();</script>";
?>
